Public Wi-Fi Hijacked at Coffee Shop

Tech users have been warned for years about the possible hazards involved in connecting over public Wi-Fi.

While retailers, restaurants, hotels, airports, and other businesses offer this service as a convenience—and let’s face it, as an incentive—to customers, it’s also a potential trap. Hackers can also be on the same connection without your knowledge, and with the right tools and know how they can monitor your activity and steal your data.

Typically, consumers have been warned to avoid conducting sensitive business over shared public connections, waiting until they get home or back to work to log into email or online banking. But a new report of hijacking over public Wi-Fi targets your computer in a brand-new way, no matter what you’re using it for.

A report has surfaced about a Starbucks Wi-Fi connection in Bueno Aires that was being used to mine the cryptocurrency Monero by hijacking its customers’ phones and mobile devices. A tech-savvy customer noticed a significant delay in his internet speed, and when he ran a scan to uncover the problem, he found code that had been injected into his computer. He brought it to the attention of the coffee chain’s corporate office, who investigated further.

In this case, Starbucks and its employees weren’t the culprits. Instead, the activity was being conducted by the local internet service provider (ISP) who supplied the Wi-Fi connection to the coffee shop.

Mining cryptocurrency is not illegal, depending on how you go about it, but it does require intense levels of processing. That’s why someone at the ISP was hijacking multiple customers’ computers to do it for them.

For what it’s worth, the customers’ computers were not believed to have been harmed and their accounts weren’t touched, but that does not make this right or acceptable. Taking over someone’s computer without their permission is a violation of their privacy. It is still unknown how many customers were affected or how long this scheme had been going on. It’s also not certain how the malware that infected their computers in the first place can potentially lead to other issues down the road.

Contact the Identity Theft Resource Center for toll-free, no-cost assistance at (888) 400-5530. For on-the-go assistance, check out the free ID Theft Help App from ITRC.